Good on them. Webchat only? Beta only?

Only seen it here and on SPUF currently. I haven't tried chat or profile links.

Edit:

Also added to links posted on profiles. Well my profile anyway.

I just tried webchat and steam chat in the non-beta. No warning.

Early days I guess. It only popped up tonight so hopefully it will roll out.

Thanks for checking.

It still won't be enough. They need to use red bold and underlined text on parts where it says "never enter your password" and such. I would suggest to make it flashing text but people would complain how annoying it is.

The only new thing I see is that links now have 'semi anti phishign' stuf beside them which shows the URL its linking to.

And the big red banner on the warning page instead of a dull black/white pop up with an OK button.

Looks like they've rolled out the filter across the Community site. It seems there's some sort of condition that causes it to display the big scary warning; it's probably in the first instance targeting URLs which are similar (as judged by an algorithm) to real Steam URLs.

Looks like some URLs are whitelisted; Twitter for instance.

They should use a whitelist system, rather than a blacklist system.

Originally posted by Водоплясов:

aiusepsi
No, Microsoft.com also got into the filter
microsoft[microsoft.com]

Well, of course they did! Microsoft is the reason you have Windows right now and where computers have reached the stage of development they are at today.

I should have been more clear: it looks like some URLs like Twitter are whitelisted so that they don't have filerlink/ prepended.

Other links do get filterlink/ prepended. Once you click such a link, it checks that URL for closeness to a real Steam URL, and if so, it gets big scary warning notice. So Microsoft[microsoft.com] gets through without warning, but something like the totally reputable http://zzzzzteamgames.com doesn't.

Originally posted by aiusepsi:

I should have been more clear: it looks like some URLs like Twitter are whitelisted so that they don't have filerlink/ prepended.

Then once you click on a link that has filterlink/ prepended, it checks that URL for closeness to a real Steam URL, and if so, it gets big scary warning notice. So Microsoft[microsoft.com] gets through without warning, but something like the totally reputable http://zzzzzteamgames.com doesn't.

I see it too! Even so they need to make certain parts of the text stand out more, I know it is not necessary but if people still come back with "omg I got hacked" then they need a pretty good excuse for not reading the big blocked red text.

Valve should put a HL3 Lambda logo as the page background behind the text, this way it will catch people's attention...

So people are still getting phished. Though in the past 12 or so hours it does seem like less people are posting about it.


I think their should be two boxes on the scary page. One that says "you accept you are leaving steam..." and one that says "you accept you are not leaving steam".

Both these boxes should be brightly coloured but the colours should swap randomly so people have to READ which box they are clicking rather than auto clicking the orange box.

I think the big button should not proceed, but Leave the page. The button to actually visit the page should be small, hard to see unless you actually read the info posted.

Could work, but once you have clicked it once you know where it is. Unless it moves about. "steam phishing the mini game".